1015 matches found
CVE-2021-31933
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...
Remote code execution
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...
CVE-2021-31933
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...
CVE-2021-31865
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments...
Design/Logic Flaw
The WP-Curriculo Vitae Free WordPress plugin through 6.3 suffers from an arbitrary file upload issue in page where the formCadastro is embed. The form allows unauthenticated user to register and submit files for their profile picture as well as resume, without any file extension restriction,...
CVE-2021-30140
LiquidFiles 3.4.15 has stored XSS through the "send email" functionality when sending a file via email to an administrator. When a file has no extension and contains malicious HTML / JavaScript content such as SVG with HTML content, the payload is executed upon a click. This is fixed in 3.5...
Cross site scripting
LiquidFiles 3.4.15 has stored XSS through the "send email" functionality when sending a file via email to an administrator. When a file has no extension and contains malicious HTML / JavaScript content such as SVG with HTML content, the payload is executed upon a click. This is fixed in 3.5...
WP-Curricul Vitea Free <= 6.3 - Unauthenticated Arbitrary File Upload to RCE
The plugin suffers from an arbitrary file upload issue in page where the formCadastro is embed. The form allows unauthenticated user to register and submit files for their profile picture as well as resume, without any file extension restriction, leading to RCE. PoC The PoC will be displayed once...
CVE-2021-21355 Unrestricted File Upload in Form Framework
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default...
The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that an exception can occur when data is written beyond the buffer in memory. This allows a malicious actor to trigger a service failure or execute arbitrary code.
The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...
CVE-2021-27964
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file...
ONLYOFFICE Document Server File Extension Handling Vulnerability (CNVD-2021-17248)
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...
ONLYOFFICE Document Server File Extension Handling Vulnerability
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. ONLYOFFICE Document Server suffers from a file extension handling vulnerability that can be exploited by an attacker requesting data to control file...
ONLYOFFICE Document Server File Extension Handling Vulnerability (CNVD-2021-17247)
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...
CVE-2021-25833
A file extension handling issue was found in server module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code executi...
CVE-2021-25833
A file extension handling issue was found in server module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code executi...
CVE-2021-25830
A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote...
CVE-2021-25831
A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote...
CVE-2021-25831
A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote...
Design/Logic Flaw
A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote...